The program's activities involved data mining of a large database of the communications of American citizens, including e-mail communications, telephone conversations, financial transactions, and Internet activity.[3]William Binney, a retired technical leader with the NSA, discussed some of the architectural and operational elements of the program at the 2012 Chaos Communication Congress.[5]

The intelligence community also was able to obtain from the Treasury Department suspicious activity reports, or "SARS", which are reports of activities such as large cash transactions that are submitted by financial institutions under anti-money laundering rules.[3]

There were internal disputes within the Justice Department about the legality of the program, because data are collected for large numbers of people, not just the subjects of Foreign Intelligence Surveillance Act (FISA) warrants.[5][6] During the Bush Administration, the Stellarwind cases were referred to by FBI agents as "pizza cases" because many seemingly suspicious cases turned out to be food takeout orders. According to Mueller, approximately 99 percent of the cases led nowhere, but "it's that other 1% that we've got to be concerned about".[2]

In 2004, the head the Office of Legal Counsel, Jack Landman Goldsmith, wrote at least two legal memos authorizing the program, “We conclude only that when the nation has been thrust into an armed conflict by a foreign attack on the United States and the president determines in his role as commander in chief . . . that it is essential for defense against a further foreign attack to use the [wiretapping] capabilities of the [National Security Agency] within the United States, he has inherent constitutional authority” to order warrantless wiretapping — “an authority that Congress cannot curtail,” Goldsmith wrote in a 108-page memo dated May 6, 2004. In March 2004, the OLC concluded the e-mail program was not legal, and then-Acting Attorney General James Comey refused to reauthorize it.[7]

In March 2012 Wired magazine published "The NSA Is Building the Country's Biggest Spy Center (Watch What You Say)" talking about a vast new NSA facility in Utah and said, "For the first time, a former NSA official has gone on the record to describe the program, codenamed Stellarwind, in detail," naming the official William Binney, a former NSA code breaker. Binney went on to say that the NSA had highly secured rooms that tap into major switches, and satellite communications at both AT&T and Verizon.[8] The article suggested that the supposedly-dispatched Stellarwind continues as an active program. This conclusion was supported by the exposure of Room 641A in AT&T's operations center in San Francisco in 2006.

In June 2013 the Washington Post and the Guardian published an OIG draft report, dated March 2009, leaked by Edward Snowden detailing the Stellarwind program.[1][9] No doubt remained about the continuing nature of the surveillance program.

During September, 2014 The New York Times asserted, "Questions persist after the release of a newly declassified version of a legal memo approving the National Security Agency's Stellarwind program, a set of warrantless surveillance and data collection activities secretly authorized after the terrorist attacks of Sept. 11, 2001." as an introductory headline summary with a link. The accompanying article addressed the release of a newly declassified version of the May 2004 memo.[10] Note was made that the bulk of the program, the telephone, Internet, and e-mail surveillance of American citizens, remained secret until the revelations by Edward Snowden and that to date, significant portions of the memo remain redacted in the newly released version, as well as, that doubts and questions about its legality persist.